package team.kirohuji.shiro.realm;

import java.util.Arrays;
import java.util.HashSet;
import java.util.List;
import java.util.Set;

import org.apache.commons.lang.StringUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.LockedAccountException;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.util.ByteSource;
import org.springframework.beans.factory.annotation.Autowired;

import team.kirohuji.domain.user.User;
import team.kirohuji.repository.jpa.user.UserRepository;
import team.kirohuji.service.user.PriorityService;
import team.kirohuji.service.user.UserService;
import team.kirohuji.utils.ShiroUtils;

/**
 * 认证
 * 
 * @author kirohuji
 *
 */
public class UserRealm extends AuthorizingRealm {

	@Autowired
	private UserService userService;

	@Autowired
	private UserRepository userRepository;
	/**
	 * @see PriorityService priorityService
	 */
	@Autowired
	private PriorityService priorityService;

	/*
	 * 授权(验证权限时调用) (non-Javadoc)
	 * 
	 * @see
	 * org.apache.shiro.realm.AuthorizingRealm#doGetAuthorizationInfo(org.apache.
	 * shiro.subject.PrincipalCollection)
	 * 
	 * @param principals 负责人
	 * 
	 * @return AuthorizationInfo
	 */
	@Override
	protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {

		String adminStr = principals.getPrimaryPrincipal().toString();
		System.out.println(adminStr);
		System.out.println("授权");
		/*
		 * Integer userId = ShiroUtils.getUserId();//获取当前登录人的id
		 */ List<String> permsList = userService.queryAllPerms(1);

		// 用户权限列表
		Set<String> permsSet = new HashSet<String>();
		for (String perms : permsList) {
			if (StringUtils.isBlank(perms)) {
				continue;
			}
			permsSet.addAll(Arrays.asList(perms.trim().split(",")));
		}

		SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
		info.setStringPermissions(permsSet);
		return info;
	}

	/*
	 * 认证(登录时调用) (non-Javadoc)
	 * 
	 * @see
	 * org.apache.shiro.realm.AuthenticatingRealm#doGetAuthenticationInfo(org.apache
	 * .shiro.authc.AuthenticationToken)
	 * 
	 * @param token 凭证
	 * 
	 * @return AuthenticationInfo
	 * 
	 * @throws AuthenticationException
	 */
	@Override
	protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {

		String username = (String) token.getPrincipal();
		System.out.println("userRealm:" + username);
		// 查询用户信息
		User user = userService.queryByLoginName(username);
		System.out.println("认证");
		// 账号不存在
		if (user == null) {
			throw new UnknownAccountException("账号不存在");
		}

		// 账号锁定
		if (user.getAccountStatus() == 2) {
			throw new LockedAccountException("账号已被暂停使用");
		}
		/* System.out.println(user); */
		SimpleAuthenticationInfo info = new SimpleAuthenticationInfo(user.getLoginName(), user.getPassword(),
				ByteSource.Util.bytes(user.getSalt()), getName());
		return info;
	}
}
